On 3/12/2020, a critical security vulnerability affecting Windows Server 2019 and Windows 10 (versions 1903 and 1909) with a rare 10/10 CVSS score was announced by Microsoft.
This vulnerability is a Remote Code Execution (RCE) exploit that can spread to other systems without any user interaction (referred to as “wormable” exploits) through use of the Microsoft Server Message Block 3.1.1 (SMBv3) protocol. This does not affect previous versions of Windows or Windows Server, as the affected SMB v3.1.1 compression features were introduced in the 1903 build of Windows 10.
Microsoft recommends patching affected systems as soon as possible to mitigate the spread of this exploit. There are workarounds to implement temporarily should it not be possible to patch immediately.
SCTG is currently taking steps to mitigate this vulnerability on all internal systems and platforms. We advise all customers to take the necessary precautions to mitigate this exploit on their systems also.
The patches released by Microsoft for all affected operating systems that can be downloaded from the Microsoft update catalog or through automatic updates in Windows:
If you are concerned about your patch management resources and strategies, please note that we do offer a comprehensive Patch Management Service where we manage, deploy, and validate updates on your behalf.
Our Managed Services Team is standing by to assist you in mitigating these exploits. If you have any questions, please submit a support request through the customer portal.